Overcoming challenges of deploying IPv6in the live Enterprise work environmentTina Tsou (Speaker), Kenneth Durazzo, Wendel...
AgendaIt’s Only IP…Right?Making the caseDefining successTesting 360Planning the TransitionDeployment Details       UCC   ...
Section 1:Best Practices / Overview HUAWEI TECHNOLOGIES CO., LTD.   Huawei Confidential   Page 3
It’s Only IP… Right?Should be easy, no?But what about…       Security policy and devices       Operating systems, Hyperv...
Making the Case                                             Business Executives                                           ...
Defining SuccessBusiness impact definitionWhat is the scope of deployment?      Entire environment? branch, campus or DC?...
Testing 360Best practices       Set up a lab that mimics your target environment, but not at scale       Perform an inve...
Planning the TransitionCreate the scope of work        Environment        Platforms        Applications        Users, ...
IPv6 production office networks                  Enable all                               Explore practical IPv6          ...
Section 2:Network Architecture – IPv6 LAB Network  HUAWEI TECHNOLOGIES CO., LTD.   Huawei Confidential   Page 10
IPv6 Network               OSPFv3                                        Static Routing               CGN @ NE40E         ...
CGN and PCP Layout            UPnP                                 DS-Lite                                  NAT44   Privat...
Multicast IPv6 Transition 6-6-4 Case                                                          IPv4 Multicast Network      ...
LightWeight 4over6   Per-subscriber stateful 4 over 6 solution   No IPv4 and IPv6 address coupling   Adopted by CT, FT ...
Section 3:Live Production Network HUAWEI TECHNOLOGIES CO., LTD.   Huawei Confidential   Page 15
Phase 1 Enterprise Network Transition Challenges: • Security and compliance      • Multi zone networks based on use.      ...
Phase 1 Enterprise Network Transition – cont. Strategy: • Security and compliance      • Solution or Proof of Concept impl...
Phase 1 Enterprise Network Transition – cont. Solution and scope: • Deploy IPv6 stub network with dual nic Linux host runi...
Phase 1 Enterprise Network Transition – cont.  cont.• IPv6 NAT64 prefix (well-known or network-specific) is dedicated to m...
Phase 1 Enterprise Network Transition – cont.Results:• IPv6 host able to ping and telnet to network devices in IPv4 domain...
eSpace UC                                                PSTN/PLMN Analog             IP Phone                          ...
eSpace UC – SIP, RTP(VOIP 1)                                       PSTN/PLMN                                              ...
eSpace UC – SIP, RTP(VOIP 2)                                       PSTN/PLMN                                              ...
eSpace UC – SIP, RTP(Conference)                                         PSTN/PLMN                                        ...
SIP and RTP   UC Server                                              UC Server                 Intranet(IPv6)             ...
Section 4:Additional Use-Cases HUAWEI TECHNOLOGIES CO., LTD.   Huawei Confidential   Page 26
www.huawei.com permanently launched v6   HUAWEI TECHNOLOGIES CO., LTD.   Huawei Confidential   Page 27
Huawei: IPv6 Deployment used by IEEE meeting   IEEE HOT INTERCONNECT CONFERENCE, Aug 22-24, hosted by Huawei at Huawei cam...
Additional Referencehttp://www.huawei.com/en/solutions/broader-smarter/hw-092950-ipv6.htm HUAWEI TECHNOLOGIES CO., LTD.   ...
Thank you                                     www.huawei.comCopyright©2011 Huawei Technologies Co., Ltd. All Rights Reserv...
Upcoming SlideShare
Loading in …5
×

Overcoming Challenges of Deploying IPv6 in the live Enterprise Work Environment by Tina Tsou at gogoNET LIVE! 3 IPv6 Conference

1,031 views
845 views

Published on

gogo6 IPv6 Video Series. Event, presentation and speaker details below:

EVENT
gogoNET LIVE! 3: Enterprise wide Migration. http://gogonetlive.com
November 12 – 14, 2012 at San Jose State University, California
Agenda: http://gogonetlive.com/4105/gogonetlive3-agenda.asp

PRESENTATION
Overcoming Challenges of Deploying IPv6 in the live Enterprise Work Environment
Abstract: http://www.gogo6.com/profiles/blogs/my-panel-discussion-at-gogonet-live-3
Presentation video: http://www.gogo6.com/video/challenges-of-deploying-ipv6-in-the-live-enterprise-by-tina-tsou
Interview video: http://www.gogo6.com/video/interview-with-tina-tsou-at-gogonet-live-3-ipv6-conference

SPEAKER
Tina Tsou - Head of IPv6 Research, Huawei
Bio/Profile: http://www.gogo6.com/profile/TinaTSOU

MORE
Learn more about IPv6 on the gogoNET social network
http://www.gogo6.com
Get free IPv6 connectivity with Freenet6
http://www.gogo6.com/Freenet6
Subscribe to the gogo6 IPv6 Channel on YouTube
http://www.youtube.com/subscription_center?add_user=gogo6videos
Follow gogo6 on Twitter
http://twitter.com/gogo6inc
Like gogo6 on Facebook
http://www.facebook.com/pages/IPv6-products-community-and-services-gogo6/161626696777

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,031
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
24
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Overcoming Challenges of Deploying IPv6 in the live Enterprise Work Environment by Tina Tsou at gogoNET LIVE! 3 IPv6 Conference

  1. 1. Overcoming challenges of deploying IPv6in the live Enterprise work environmentTina Tsou (Speaker), Kenneth Durazzo, Wendell Rios www.huawei.comHuawei Technologies HUAWEI TECHNOLOGIES CO., LTD.
  2. 2. AgendaIt’s Only IP…Right?Making the caseDefining successTesting 360Planning the TransitionDeployment Details  UCC  Applications / Network  PlatformsHUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential
  3. 3. Section 1:Best Practices / Overview HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 3
  4. 4. It’s Only IP… Right?Should be easy, no?But what about…  Security policy and devices  Operating systems, Hypervisors  Servers, PCs and smart-devices  Network platforms  Services and Applications  VPN  Application Optimization  UCC  Private and Public Cloud Applications  DNS / DHCP / Printing  Monitoring / Troubleshooting tools HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential
  5. 5. Making the Case Business Executives  IPv6 will help us increase IT flexibility for new applications and communications, for instance BYOD  CAPex cost should be minimal, OPex Business Security should stay the sameExecutives Operations Security Operations  IPv6 is here on the network, in fact all new OS’s already support it, if you don’t embrace it, how will you protect the IT business? Application / Server Operations  Many applications and tools already support IPv6, resulting in minor changesApplication / Business to existing environment and processes Server Function Business Function LeadersOperations Leaders  How this will be non-intrusive to their users and business goals but be an enabler to their business (eg: BYOD)HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential
  6. 6. Defining SuccessBusiness impact definitionWhat is the scope of deployment?  Entire environment? branch, campus or DC?  Phased deployment?  At the Edge? In the Core?Timeline for cut-overUser QOE for:  Applications  NetworkWhat is the desired successful outcome (exit criteria)? HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential
  7. 7. Testing 360Best practices  Set up a lab that mimics your target environment, but not at scale  Perform an inventory of:  Applications  Platforms / Devices  Work with employees to create User-stories / Use-cases for the target environment  Test, test, test…  Devices / Applications / permutations  Involve security and other operations teams, early and often, even better if they are part of the testing teamHUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential
  8. 8. Planning the TransitionCreate the scope of work  Environment  Platforms  Applications  Users, etcGet training for all impacted personnel for support of IPv6 and any new systems put in place to support the environmentInventory all impacted devices and configurations. Include wiring plant and HVAC, etcCreate clear documentation and points of contact for transition activitiesAll OPS teams must be deeply involved (Sec / App / Server / Network)Socialize the scope of work and get buy-in / signatures for cut-over dates / timesGo live! HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential
  9. 9. IPv6 production office networks Enable all Explore practical IPv6 employees to deployment and have IPv6 access transition options Enable employees Enable product to innovate and teams to test collaborate with the new external partners implementations HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 9
  10. 10. Section 2:Network Architecture – IPv6 LAB Network HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 10
  11. 11. IPv6 Network OSPFv3 Static Routing CGN @ NE40E Santa Clara, CA Content CE Server Router IPv6 Network Core IPv6 Network AR AR Plano, TX and Santa Clara, CAHUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 11
  12. 12. CGN and PCP Layout UPnP DS-Lite NAT44 Private IPv4 Client/IPv4 IPv4 over IPv6 Public IPv4/Internet Client Web Server PCP Port 2 CPE1 Port 3 IPv6 Internet P2P Client-1 NON-PCP PCP PCP Server Port 2 P2P Client-2 NATCoord IPv4 Internet CPE2 CGN Port 1 Port 3Web Server (VM) UPnP/PCP Interworking NE40E-X3 InternetNATCoord Client Huawei HG553 Client HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 12
  13. 13. Multicast IPv6 Transition 6-6-4 Case IPv4 Multicast Network IPv4 IPv4 Content CERNET Server Content IPv6 IPv6 IPv4 IPv6 RP (IPv4 MulticastReceiver IPv6 Multicast Content Server) Network MLD CPE PIM IPv6 IPv6 Multicast 4/6 GatewayMulticast Client Multicast Content Traffic HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 13
  14. 14. LightWeight 4over6 Per-subscriber stateful 4 over 6 solution No IPv4 and IPv6 address coupling Adopted by CT, FT and DT.HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 14
  15. 15. Section 3:Live Production Network HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 15
  16. 16. Phase 1 Enterprise Network Transition Challenges: • Security and compliance • Multi zone networks based on use. • Intranet networks highly secured and regulated by Corporate HQ. • Nothing goes on the network unless approved by Information Security and IT. • Too much “red tape.” • Technology • Existing infrastructure not ready, no IPv6 support. • Support • Minimal to none local resources. HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 16
  17. 17. Phase 1 Enterprise Network Transition – cont. Strategy: • Security and compliance • Solution or Proof of Concept implementation that does not break the rules. • Technology • Solution that utilizes existing network – no change in IT infrastructure. • Support • Get local Regional IT buy in. HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 17
  18. 18. Phase 1 Enterprise Network Transition – cont. Solution and scope: • Deploy IPv6 stub network with dual nic Linux host runing NAT64/DNS64 service. • IPv6 only host able to access IPv4 rfc1918 resources, i.e. Sharepoint portal, Proxy web server, and etc; by utilizing NAT64 and DNS64 gateway. Technology and resources: • Allocate IPv4 rfc1918 network prefix for IPv4 dynamic mapping pool. • Allocate IPv6 network prefixes: • 2001:db8:1:ffff::/96 for NAT64/DNS64 service. • Redhat Linux host with dual network adapters running NAT64/DNS64 service. • Tayga stateless NAT64 open source application was installed and tested. • TOTD DNS64 open source application was installed and tested. HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 18
  19. 19. Phase 1 Enterprise Network Transition – cont. cont.• IPv6 NAT64 prefix (well-known or network-specific) is dedicated to mapped IPv4 addresses.• NAT64 and DNS64 processes use the same prefix.• Default gateway and DNS server of IPv6 host is the NAT64/DNS64 gateway. HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 19
  20. 20. Phase 1 Enterprise Network Transition – cont.Results:• IPv6 host able to ping and telnet to network devices in IPv4 domain using NAT64 IPv6 prefix.• IPv6 host able to access resources in IPv4 only domain using Fully Qualified Domain Names.• IPv6 host able to use web proxy in IPv4 only domain to access Internet websites. • Web proxy FQDN was hard set in host browser settings.• IPv6 host able to browse and utilize Sharepoint portal/collaboration tool.Next Steps:• Explore and incorporate additional IPv6 technologies. • DHCPv6• Deploy architecture to larger scope – Phase 2. HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 20
  21. 21. eSpace UC PSTN/PLMN Analog  IP Phone  UC Server  Soft Fax  PC Client / Soft Phone PSTN Gateway  U2990 (CALL Control) Console HEADQUARTERS SBC Firewall SVN IP E1/ATO POTS IPV4/IPV6 WiFi/3GE1/T1 PSTN/PLMN ATO PSTN/PLMN IAD U1980 EGW SSL VPN Analog  Analog Internet  PC Client Fax  Fax SBC Proxy  Soft Phone IP Phone  IP Phone PC Client  PC Client WiFi WiFi BRANCH A BRANCH B PUBLIC NETWORK HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 21
  22. 22. eSpace UC – SIP, RTP(VOIP 1) PSTN/PLMN IPv4/IPv6 dual-stack U29XX UC Server HEADQUARTERS SBC Firewall SVN IPv4/IPv6 dual-stack SIP RTP IPV4/IPV6 PSTN/PLMN PSTN/PLMN EGW U1980 SSL VPN Internet IPv4 BRANCH IPv6 BRANCH PUBLIC NETWORK HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 22
  23. 23. eSpace UC – SIP, RTP(VOIP 2) PSTN/PLMN IPv4/IPv6 dual-stack U29XX UC Server HEADQUARTERS SBC Firewall SVN IPv4/IPv6 dual-stack SIP RTP IPV4/IPV6 PSTN/PLMN PSTN/PLMN EGW U1980 SSL VPN Internet IPv4 IPv6 PUBLIC NETWORK BRANCH BRANCH HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 23
  24. 24. eSpace UC – SIP, RTP(Conference) PSTN/PLMN IPv4/IPv6 dual-stack U29XX UC Server HEADQUARTERS SBC Firewall SVN IPv4/IPv6 dual-stack SIP RTP IPV4/IPV6 PSTN/PLMN PSTN/PLMN EGW U1980 SSL VPN Internet IPv4 BRANCH IPv6 BRANCH PUBLIC NETWORK HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 24
  25. 25. SIP and RTP UC Server UC Server Intranet(IPv6) Intranet(IPv6) U29XX U29XX SIP SIP Intranet(IPv6) Intranet(IPv6) RTP eSpace eSpace eSpace eSpace P2P VOIP ConferenceHUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 25
  26. 26. Section 4:Additional Use-Cases HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 26
  27. 27. www.huawei.com permanently launched v6 HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 27
  28. 28. Huawei: IPv6 Deployment used by IEEE meeting IEEE HOT INTERCONNECT CONFERENCE, Aug 22-24, hosted by Huawei at Huawei campus on Santa Clara, CA, USA IPv4/IPv6 Internet IPv4/IPv6 Firewall (support NAT for IPv4) IPv4 IPS/IDS IPv4 AC IPv4/IPv6 Core&Aggregation (Active) (Gateway,iStack) IPv4 AC (Standby) Access Layer IPv4 AP IPv4/IPv6 STA HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 28
  29. 29. Additional Referencehttp://www.huawei.com/en/solutions/broader-smarter/hw-092950-ipv6.htm HUAWEI TECHNOLOGIES CO., LTD. Huawei Confidential Page 29
  30. 30. Thank you www.huawei.comCopyright©2011 Huawei Technologies Co., Ltd. All Rights Reserved.The information in this document may contain predictive statements including, without limitation, statementsregarding the future financial and operating results, future product portfolio, new technology, etc. There are anumber of factors that could cause actual results and developments to differ materially from those expressed orimplied in the predictive statements. Therefore, such information is provided for reference purpose only andconstitutes neither an offer nor an acceptance. Huawei may change the information at any time without notice.

×